Juniper SRX Room for Improvement

Shashidhara B N
Director - Technology Solutions & Services at Connectivity IT Services Private Limited
I have not given a lot of thought as to what needs to be improved because so much of technology and capabilities are expanding. Probably Juniper could come up with their own dedicated endpoint security. Today they have an integration with Sophos. If you really look at what SRX has as far as antivirus capability, it is really only the integration with Sophos. Sophos is good, I am not saying Sophos is a bad solution. But Juniper having their own antivirus solution may be a batter idea to make it a stand-alone product. If you look at Check Point. They have a lot of experience in the area of security which is integrated with their product. In comparison, Juniper could start developing its own strong capabilities with antivirus and have its own security which may even surpass relying on Sophos. Sophos could improve more but it is definitely a wonderful architecture. View full review »
Girish Vyas
Architect - Cloud Serviced at NTT Global Networks
IPS, or IDS services, need improvement. Their major problem is that you have to integrate it with MSN or web building services, you need to buy support for that and services but you cannot. The best thing that I see was a filtering service with custom categories that I can create. If I buy a license, I can integrate it with a different product, but their own web building services is poor. So they can improve web building services, as well as look for application awareness, and maybe, with IPS, they can have their own built-in services rather than integration with MSN for using IPS. There are three things that can be improved. IPS is one that I would definitely want to be improved. I would also like SSL VPN to be integrated. Other than that, I guess it's doing a firewall, so I would say it's cool. Next in features, I would want that to be included, along with SSL VPN, if possible. Other than that for the product, I don't think there's a need for doing anything with this. View full review »
Sr. Engineer at a comms service provider with 51-200 employees
We also use firewalls from FortiGate and Palo Alto and they're built with technology to make them next-generation firewalls. Juniper utilizes a router OS and includes enhancements to make it a firewall. But FortiGate and Palo Alto are full-on firewalls because they are built from scratch with features which are specific to firewalls. Juniper needs to enhance the solution so that it is more powerful. They need to update the administrative tools to create an easier admin experience. An average administrator would find it easier to configure if they could use https rather than the command line interface to do so. In addition, it would be more powerful if Juniper brought out a security product other than firewalls, like anti-spam, endpoint protection, etc. Customers who want to deploy security solutions are not just thinking about firewalls. They're thinking about security across their environment. If Juniper could give me a security solution, beyond the firewall, that integrates with the firewall, that would be helpful. Other products have built a security fabric. So if a customer already uses one of their solutions, like a firewall, they will be thinking about integrating with that vendor's other products. If there is more than just a firewall solution, they will use that same vendor's products throughout the security environment. A security fabric is more powerful than just blocking via network parameters. Juniper should have an end-to-end solution, from the endpoint to the network level. It would provide a more powerful security solution to the customer. Customers are looking for a holistic security solution. View full review »
Learn what your peers think about Juniper SRX. Get advice and tips from experienced pros sharing their opinions. Updated: April 2020.
437,168 professionals have used our research since 2012.
Risk Management and Security Governance at a comms service provider with 501-1,000 employees
The Juniper product has to improve in terms of innovation. It only has standard reports, such as memory capacity and data traffic. By comparison, the Check Point solution comes with great reports. Check Point tracks the logs, then analyses the logs and can tell you when you are under attack. Then, you can prevent it. With Juniper today, what you have in terms of log analysis is not so good. I think that they have another solution for this, but it is not embedded, and you have to purchase it separately. View full review »
Security Governance at a comms service provider with 1,001-5,000 employees
The Juniper SRX product needs to improve in terms of innovation. E.g., Checkpoint comes with a monitoring solution embedded in its product, as well as providing good reports. Checkpoint also does analysis by tracking the logs and letting you know when you are under attack. What Juniper has today in comparison is not so good. Juniper only has limited reports, such as memory, capacity, data, and traffic. View full review »
Darcy Hiebert
Network Architect - Contractor at TEML
In terms of improvement, it could use more on the security side. It's a good stable firewall, but it's nowhere near what it needs to be for a next-generation type firewall. They also need to improve their documentation. With Cisco, you can find lots of examples, but with Juniper, it is not always the case. One area that needs more focus is instruction on how to interoperate with other vendor's products. I would like to see documentation on running IPsec tables between Fortinet and Juniper or Cisco and Juniper because the information is not there. Their technical support also needs improvement, as they are lagging behind Cisco. View full review »
Bunyamin Bunyamin
Senior Network Security Engineer at Aplikas
Improvements can be made to the GUI. The GUI can be improved by creating policies to handle IPS requirements. The configuration should be a one-step process. This would make it easier to complete the setup to register the time of operation. View full review »
Amir Tofangsazi
CEO, Member of the Board at beh
The workplace management console needs improvement. It should be a little bit more developed. Also, the interface needs a bit more improvement. If the solution would have an intuitive interface would be much better because the work-based interface is not so perfectly developed and it's not ideal. It's not complete yet, and it makes it difficult for beginners and first-time users of this solution. As it is, for new users, it would make it very difficult for them to deploy this solution. Otherwise, the rest is fine. There's no other problem with it. View full review »
Consumer Engineer at a comms service provider with 1,001-5,000 employees
The GUI needs to be easier and more helpful for users who don't have security experience. They need to add WAF management to the tool, as competitors already have it as part of their offerings. This feature is future of protecting enterprise solutions. View full review »
Muhammad Atif Jauhar
Professional Services (Security) at Business Management Company
The solution previously had a Clientless SSL VPN, but it has been removed and I would like access to it again. The GUI needs improvement. I can work fine with the command line (CLI), but new people would like a better user interface. I would like to see an SSH VPN in the next release. View full review »
Senior Product Manager at a tech services company with 51-200 employees
There are a lot of features that customers do not know about and I think that better documentation would help when it comes to learning how to use the product. Technical support could be improved by adding local engineers. View full review »
Viswanathan Selvakumar
Team Manager - Networks at a tech services company with 1,001-5,000 employees
When we first tested the serial interface on our model, it did not work. It should be easier to escalate support tickets. View full review »
Technology Services Director at a tech services company with 11-50 employees
The throughput when using features can be improved. 100-gigabit interfaces should be added into the next release because we'd like to adopt them. View full review »
Stavros Karaguloglou
Owner & CEO at United Telecom AE
The remote access client needs improvement. In the next release, I would like to see the remote access client improved as well as improvements made to the administration GUI. View full review »
Sashisekhar Panda
Chief Executive Officer with 51-200 employees
We are finding that the UTM features which is required (like an antivirus or URL filtering) are not available. We are now looking for the "Next Generation" of firewall protection. We need to be less vulnerable to attacks. In addition, we would really like to see an automated policy feature added. View full review »
Maroun Saamia
Principal Director of IT at Reanaud-bray
* Correct the bugs in the current version. * Help customers more with its configuration so they can feel safer. We tried configuring the IDS for more than four months, but it did not work properly. View full review »
Herve Yapi
In terms of other features, I'd like to see a web filter, 10 point control, application control and DNA features in the next release. View full review »
Mark Fierens
GCD Network Architecture Manager at Technicolor
The device could be more user-friendly. View full review »
Learn what your peers think about Juniper SRX. Get advice and tips from experienced pros sharing their opinions. Updated: April 2020.
437,168 professionals have used our research since 2012.